The Hacker News

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

Mustang Panda deployed TONESHELL via a signed kernel-mode rootkit, targeting Asian government networks and evading security ...

Chinese state hackers use rootkit to hide ToneShell malware activity

A new sample of the ToneShell backdoor, typically seen in Chinese cyberespionage campaigns, has been delivered through a kernel-mode loader in attacks against government organizations.
GitHub

OpenID Connect (OIDC) Pluggable Authentication Module for Linux

x64 /lib/x86_64-linux-gnu/security/pam_oidc_auth.so arm64 /lib/aarch64-linux-gnu/security/pam_oidc_auth.so Set permission chmod 555 /lib/x86_64-linux-gnu/security/pam ...